Provably Adaptive Trust Dynamics in Context-Aware Zero-Trust Systems: A Formal Framework for Continuous Verification

Title

Provably Adaptive Trust Dynamics in Context-Aware Zero-Trust Systems: A Formal Framework for Continuous Verification

Creator

Krishnan, Vivin; Sreeja, C.S.

Description

Zero-Trust (ZT) requires continuous, context-aware evaluation of authentication and authorization decisions. This paper introduces Zero-Trust Hybrid Adaptive Authentication (ZeTHAA), a continuous authentication and authorization framework integrating contextual attributes, authentication strength, behavioral evidence, and retry dynamics. ZeTHAA utilizes a probabilistic risk model and dual-policy thresholds to partition outcomes into allow, step-up, and block regions, enabling precise control over security-usability trade-offs. The system introduces a global admissibility predicate to distinguish hard violations from probabilistic soft violations. Attribute importance is dynamically derived from entropy and Beta-posterior distribution, enabling robust cold-start initialization and online recalibration. ZeTHAA presents a unified composite attack surface covering credential compromise, attribute forgery, and post-grant hijacking, modeling retry behavior with exponential risk escalation and temporal decay. A large-scale synthetic dataset capturing realistic authentication flows, adversarial and temporal patterns, was used to evaluate ZeTHAA against heuristic, logistic regression, random forest, XGBoost, and isolation forest baselines. ZeTHAA produced a more expressive risk distribution and significantly higher attack detection and efficiency while minimizing user friction. ZeTHAA outperformed baseline models, with Recall and Area Under the Curve (AUC) exceeding 79% and 15.1%, respectively. F1-Score showed increases of 48%-147%, with efficiency boost of 20-65%, while reducing the cost per attack by up to 39.6%. Benchmarks against frameworks from Dasu et al. and Matiushin et al. showed a 57.5% lead in F1-Score, more than double increase in detection rate, while blocking 70.78% more attacks. Additional analysis shows that ZeTHAA provides a mathematically grounded foundation for Zero-Trust systems, aligns with NIST standards, offering improved security guarantees and adaptive enforcement. 2013 IEEE.

Source

IEEE Access;Volume;14;pp.77839-77878

Date

01-01-2026

Publisher

Institute of Electrical and Electronics Engineers Inc.

Subject

Adaptive authentication; application integrity check; Bayesian online learning; continuous authentication; device authentication; dynamic secret injection; risk-based access control

Coverage

Krishnan V., CHRIST (Deemed to Be University), Department of Computer Science, Karnataka, Bengaluru, 560029, India; Sreeja C.S., CHRIST (Deemed to Be University), Center for Quantum Technologies and Complex Systems (CQTCS), Karnataka, Bengaluru, 560029, India

Rights

All Open Access; Gold Open Access; Green Open Access

Relation

ISSN: 21693536;

Format

online

Language

English

Type

Article

Identifier

https://doi.org/10.1109/ACCESS.2026.3695458

https://www.scopus.com/pages/publications/105039598215?origin=resultslist